Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5XUeWWiXKSYdmSnLLSqeV_c6VXs.roa
File: 5XUeWWiXKSYdmSnLLSqeV_c6VXs.roa (raw, json)
Hash identifier: roE0TV/5IjegEKnpiG6spKXX1P4oJeHAa/PeTJgQq5M=
Subject key identifier: E5:75:1E:59:68:97:29:26:1D:99:29:CB:2D:2A:9E:57:F7:3A:55:7B
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 37EE1EA9
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5XUeWWiXKSYdmSnLLSqeV_c6VXs.roa
Signing time: Sat 01 Jan 2022 06:01:01 +0000
ROA not before: Sat 01 Jan 2022 06:01:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200059
IP address blocks: 109.235.0.0/21 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938352297 (0x37ee1ea9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 06:01:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5751e59689729261d9929cb2d2a9e57f73a557b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7e:9c:3f:99:23:2f:93:75:c0:83:a3:66:4a:
b1:34:68:50:a8:b4:78:22:aa:39:e1:ba:87:02:ae:
3f:07:7a:60:c1:4a:c3:0d:b7:f4:1b:c3:48:eb:c1:
f3:7f:83:a5:d3:98:c0:db:81:6c:f9:a2:c5:f9:3b:
d4:0b:59:24:d8:09:e8:16:39:98:7f:45:d9:8c:f7:
7f:5c:86:d3:12:95:4d:e0:98:8c:b7:c8:83:79:fd:
e1:5f:9a:d8:a3:e9:82:f7:b9:14:f1:be:0b:1a:51:
3a:c8:ed:48:27:ce:5c:5d:0f:62:dd:1b:94:e8:d9:
18:b6:64:a6:2d:f8:66:bd:b7:81:4e:2c:90:ab:e7:
17:67:92:d6:fc:48:95:27:66:17:be:74:34:d6:6c:
90:f6:ff:b0:d7:19:db:79:64:a7:3f:2d:10:c9:2c:
04:3d:9c:e1:4a:55:85:d7:7e:be:f1:f7:ec:6b:33:
51:8c:cc:b1:08:f2:54:59:4d:5a:27:17:1c:76:dd:
7c:33:f2:25:84:6d:b4:d7:5b:d0:3f:02:d1:42:19:
0b:10:b6:df:e0:fc:91:f7:7a:71:50:fb:93:bc:0c:
92:cd:19:58:9c:cf:0c:e2:9c:2a:7b:a5:8f:79:0c:
50:96:04:da:6b:54:73:fd:e1:a8:58:08:dc:db:2b:
d6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:75:1E:59:68:97:29:26:1D:99:29:CB:2D:2A:9E:57:F7:3A:55:7B
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5XUeWWiXKSYdmSnLLSqeV_c6VXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.0.0/21
Signature Algorithm: sha256WithRSAEncryption
af:66:a6:9c:c7:99:c3:99:2a:e7:0d:7c:43:de:6e:63:a5:39:
96:ba:25:ca:54:03:63:23:3b:68:67:ed:b9:7a:03:91:2d:4a:
43:d6:3a:81:6e:c6:72:57:a3:b5:24:43:8d:2a:9a:2d:4d:ee:
3f:23:d3:d4:bd:9b:65:c7:79:53:4d:77:29:44:bb:cb:7f:4d:
da:60:ca:ca:02:ea:bb:18:86:11:37:4a:d8:d0:c3:df:b7:f2:
67:f6:84:10:29:e4:36:6e:70:30:c1:8d:d0:93:18:4b:7f:a0:
4a:7f:5d:64:29:2a:9a:b5:bb:bc:2c:e2:57:26:4b:1b:fa:b9:
77:2c:ae:68:15:88:39:82:26:7d:3e:14:9c:c0:08:51:b2:a0:
c2:3d:30:49:6f:cd:f2:06:ff:e6:ad:e4:75:9b:ec:39:98:b4:
be:dd:8f:0e:82:23:f5:df:6b:da:07:3c:31:49:18:7d:ea:a3:
7b:3a:6c:17:16:d3:50:a6:19:20:0c:8e:7b:8d:e8:5a:39:ba:
c1:df:18:71:42:74:63:6c:a8:6f:5a:af:42:8f:00:a7:da:16:
de:e0:ed:ad:6c:cd:d3:2f:13:02:27:9d:d9:92:b0:c3:f8:56:
5f:e2:56:c1:dd:2c:9a:4c:ca:16:c7:3e:50:f0:a8:0d:01:a4:
58:fc:21:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN+4eqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTlmMGY1ZmY2MjBlMGRiNTMxMWY2NDczNjkwOTk3M2FjNjBmNmYzMB4XDTIyMDEw
MTA2MDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU3NTFlNTk2ODk3
MjkyNjFkOTkyOWNiMmQyYTllNTdmNzNhNTU3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJt+nD+ZIy+TdcCDo2ZKsTRoUKi0eCKqOeG6hwKuPwd6YMFK
ww239BvDSOvB83+DpdOYwNuBbPmixfk71AtZJNgJ6BY5mH9F2Yz3f1yG0xKVTeCY
jLfIg3n94V+a2KPpgve5FPG+CxpROsjtSCfOXF0PYt0blOjZGLZkpi34Zr23gU4s
kKvnF2eS1vxIlSdmF750NNZskPb/sNcZ23lkpz8tEMksBD2c4UpVhdd+vvH37Gsz
UYzMsQjyVFlNWicXHHbdfDPyJYRttNdb0D8C0UIZCxC23+D8kfd6cVD7k7wMks0Z
WJzPDOKcKnulj3kMUJYE2mtUc/3hqFgI3Nsr1jUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTldR5ZaJcpJh2ZKcstKp5X9zpVezAfBgNVHSMEGDAWgBQ1nw9f9iDg21MR
9kc2kJlzrGD28zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05aOFBYX1lnNE50VEVmWkhOcENaYzZ4Zzl2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvNDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8x
LzVYVWVXV2lYS1NZZG1TbkxMU3FlVl9jNlZYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
NDBkOWE1LTI1NjYtNDllMS1hNTdiLWQxYWJmNGVlMzJjYi8xL05aOFBYX1lnNE50
VEVmWkhOcENaYzZ4Zzl2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA23rADANBgkqhkiG9w0BAQsFAAOC
AQEAr2amnMeZw5kq5w18Q95uY6U5lrolylQDYyM7aGftuXoDkS1KQ9Y6gW7Gclej
tSRDjSqaLU3uPyPT1L2bZcd5U013KUS7y39N2mDKygLquxiGETdK2NDD37fyZ/aE
ECnkNm5wMMGN0JMYS3+gSn9dZCkqmrW7vCziVyZLG/q5dyyuaBWIOYImfT4UnMAI
UbKgwj0wSW/N8gb/5q3kdZvsOZi0vt2PDoIj9d9r2gc8MUkYfeqjezpsFxbTUKYZ
IAyOe43oWjm6wd8YcUJ0Y2yob1qvQo8Ap9oW3uDtrWzN0y8TAied2ZKww/hWX+JW
wd0smkzKFsc+UPCoDQGkWPwhiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:32 2024 by rpki-client on console-ams.rpki-client.org